Every CVE whose affected-product data names Sco Unixware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (66)
CVE-2000-0308 — CVSS 10.0 (critical): Insecure file permissions for Netscape FastTrack Server 2.x, Enterprise Server 2.0, and Proxy Server 2.5 in SCO UnixWare 7.0.x and 2.1.3…
CVE-2000-0026 — CVSS 10.0 (critical): Buffer overflow in UnixWare i2odialogd daemon allows remote attackers to gain root access via a long username/password authorization string.
CVE-2000-0003 — CVSS 10.0 (critical): Buffer overflow in UnixWare rtpm program allows local users to gain privileges via a long environmental variable.
CVE-2000-0348 — CVSS 10.0 (critical): A vulnerability in the Sendmail configuration file sendmail.cf as installed in SCO UnixWare 7.1.0 and earlier allows an attacker to gain…
CVE-2009-1552 — CVSS 7.8 (high): Unspecified vulnerability in the IGMP driver in SCO Unixware Release 7.1.4 Maintenance Pack 4 allows attackers to cause a denial of service…
CVE-2000-1014 — CVSS 7.5 (high): Format string vulnerability in the search97.cgi CGI script in SCO help http server for Unixware 7 allows remote attackers to execute…
CVE-1999-0017 — CVSS 7.5 (high): FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.
CVE-1999-1450 — CVSS 7.5 (high): Vulnerability in (1) rlogin daemon rshd and (2) scheme on SCO UNIX OpenServer 5.0.5 and earlier, and SCO UnixWare 7.0.1 and earlier, allows…
CVE-2002-1998 — CVSS 7.5 (high): Buffer overflow in rpc.cmsd in SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows remote attackers to execute arbitrary commands via a long…
CVE-2004-1307 — CVSS 7.5 (high): Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code…
CVE-1999-0693 — CVSS 7.2 (high): Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges.
CVE-1999-0942 — CVSS 7.2 (high): UnixWare dos7utils allows a local user to gain root privileges by using the STATICMERGE environmental variable to find a script which it…
CVE-1999-0979 — CVSS 7.2 (high): The SCO UnixWare privileged process system allows local users to gain root privileges by using a debugger such as gdb to insert traps into…
CVE-1999-1252 — CVSS 7.2 (high): Vulnerability in a certain system call in SCO UnixWare 2.0.x and 2.1.0 allows local users to access arbitrary files and gain root…
CVE-2000-0099 — CVSS 7.2 (high): Buffer overflow in UnixWare ppptalk command allows local users to gain privileges via a long prompt argument.
CVE-2003-0834 — CVSS 7.2 (high): Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via (1) a modified DTHELPUSERSEARCHPATH environment…
CVE-2005-2927 — CVSS 7.2 (high): Stack-based buffer overflow in ppp in SCO Unixware 7.1.3 and 7.1.4, and possibly earlier versions, allows local users to execute arbitrary…
CVE-2005-2934 — CVSS 7.2 (high): Unspecified vulnerability in ptrace in SCO UnixWare 7.1.3 and 7.1.4 allows local users to gain privileges via unspecified vectors.
CVE-2008-6558 — CVSS 7.2 (high): Untrusted search path vulnerability in (1) hvdisp and (2) rcvm in ReliantHA 1.1.4 in SCO UnixWare 7.1.4 allows local users to gain root…
CVE-2008-6559 — CVSS 7.2 (high): Merge mcd in ReliantHA 1.1.4 in SCO UnixWare 7.1.4 allows local users to gain root privileges via a crafted -d argument that contains…
CVE-2008-0310 — CVSS 6.9 (medium): Directory traversal vulnerability in pkgadd in SCO UnixWare 7.1.4 before p534589 allows local users to create or append to arbitrary files…
CVE-2005-0109 — CVSS 5.6 (medium): Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local…
CVE-1999-0011 — CVSS 5.4 (medium): Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer.
CVE-2000-0349 — CVSS 5.0 (medium): Vulnerability in the passthru driver in SCO UnixWare 7.1.0 allows an attacker to cause a denial of service.
CVE-2000-0173 — CVSS 5.0 (medium): Vulnerability in the EELS system in SCO UnixWare 7.1.x allows remote attackers to cause a denial of service.
CVE-2000-0842 — CVSS 5.0 (medium): The search97cgi/vtopic" in the UnixWare 7 scohelphttp webserver allows remote attackers to read arbitrary files via a .. (dot dot) attack.
CVE-2001-1579 — CVSS 5.0 (medium): The timed program (in.timed) in UnixWare 7 and OpenUnix 8.0.0 does not properly terminate certain strings with a null, which allows remote…
CVE-2000-0307 — CVSS 5.0 (medium): Vulnerability in xserver in SCO UnixWare 2.1.x and OpenServer 5.05 and earlier allows an attacker to cause a denial of service which…
CVE-2003-0658 — CVSS 5.0 (medium): Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way that allows…
CVE-2004-1039 — CVSS 5.0 (medium): The NFS mountd service on SCO UnixWare 7.1.1, 7.1.3, 7.1.4, and 7.0.1, and possibly other versions, when run from inetd, allows remote…
CVE-2008-1343 — CVSS 4.9 (medium): Directory traversal vulnerability in (1) pkgadd and (2) pkgrm in SCO UnixWare 7.1.4 allows local users to gain privileges via unknown…
CVE-2006-4655 — CVSS 4.6 (medium): Buffer overflow in the Strcmp function in the XKEYBOARD extension in X Window System X11R6.4 and earlier, as used in SCO UnixWare 7.1.3 and…
CVE-2000-0351 — CVSS 4.6 (medium): Some packaging commands in SCO UnixWare 7.1.0 have insecure privileges, which allows local users to add or remove software packages.
CVE-2002-1323 — CVSS 4.6 (medium): Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or…
CVE-2003-0937 — CVSS 4.6 (medium): SCO UnixWare 7.1.1, 7.1.3, and Open UNIX 8.0.0 allows local users to bypass protections for the "as" address space file for a process ID…
CVE-2004-1124 — CVSS 4.6 (medium): Unknown vulnerability in chroot on SCO UnixWare 7.1.1 through 7.1.4 allows local users to escape the chroot jail and conduct unauthorized…
CVE-2005-0134 — CVSS 4.6 (medium): The X server in SCO UnixWare 7.1.1, 7.1.3, and 7.1.4 does not properly create socket directories in /tmp, which could allow attackers to…
CVE-2005-3903 — CVSS 4.6 (medium): Buffer overflow in uidadmin in SCO Unixware 7.1.3 and 7.1.4 allows local users to execute arbitrary code via a -S (scheme) argument that…
CVE-2003-0914 — CVSS 4.3 (medium): ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns…
CVE-1999-0825 — CVSS 3.6 (low): The default permissions for UnixWare /var/mail allow local users to read and modify other users' mail.
CVE-1999-0828 — CVSS 3.6 (low): UnixWare pkg commands such as pkginfo, pkgcat, and pkgparam allow local users to read arbitrary files via the dacread permission.
CVE-2005-2132 — CVSS 2.1 (low): RPC portmapper (rpcbind) in SCO UnixWare 7.1.1 m5, 7.1.3 mp5, and 7.1.4 mp2 allows remote attackers or local users to cause a denial of…
CVE-2004-0996 — CVSS 2.1 (low): main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files…
CVE-1999-0078 — CVSS 1.9 (low): pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call.
CVE-2000-0154 — CVSS 1.2 (low): The ARCserve agent in UnixWare allows local attackers to modify arbitrary files via a symlink attack.
CVE-2000-0224 — CVSS 1.2 (low): ARCserve agent in SCO UnixWare 7.x allows local attackers to gain root privileges via a symlink attack.